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CLAIMS 

1. A\method of securing communication between a first party and a 
second, party comprising the steps of: 

defining a criteria for selecting one of a plurality of different 
security methods, the plurality of security methods each 
comprising a plurality of messages selected from a set of 
messages, \at least two different security methods having at least 
one message^ in common; 

selecting one of the said plurality of different security 
methods in accordance with said defined criteria; and 

performing said security method. 

2. A method asV claimed in claim 1, wherein said criteria is to 
select the security method is selected at random. 

3. A method as cJ^gyimed in claim 1 or 2, wherein said criteria 
is to select sai<3 Vsecurity method based on the processing 
capability of the fiAst and/or second party. 

4. A method as claimed in claim 1, 2 or 3 , wherein said 
criteria is to select trie security method in dependence on the 
amount of time since the \last security method was performed. 

5. ^ method as claimed rn any one of the preceding : claims , 
wherein said criteria is to select the security method based on 
the function provided by the security method. 

6. A method as claimed in any one of the preceding claims, 
wherein the plurality of security methods comprise at least one 
authentication method and/or at least one rekeying method. 

7. A method as claimed in claim 6, wherein at least one 
authentication method includes a key\exchange to create a shared 
secret. \ 



8. A method as claimed in claim 6 oi 7, wherein a rekeying 
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method is performed after an authentication method. 

9. A. method as claimed in claim 6, 7 or 8, wherein a rekeying 
method\is without carried out without authentication. 



10. A method as claimed in claim 6,7 or 8, wherein the rekeying 
method is \authent icated . 

11. A metHpd as claimed in claim 10, wherein the set of 
messages mci^udes at least one of the following message types: 
at least one random number message; at least one hash function 
message; at least one signature function message; at least one 
parameter for use with a given function message; at least one 
security parameter message; at least one key for a given function 
message; at least \one encoded message; at least one message to 
and/or from at l^^st one third party; and at least one 
authentication reg£\dnse message 

12 . A method as clainfed in claim 11 wherein the set of messages 
includes the following^ message types: one signature function 
message; two security parameter messages; two random number 
messages; one encoded signature; function message; one encoded 
user identification message; two parameters for use with given 
function messages; two hash function messages; one contact 
message with a third party; Vne response message from the third 
party,* one authentication response message; and two public 
parameters for the given funccsion. 



13. A method as claimed in clain\12, wherein the set of messages 
are as follows: 
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II A E K (SIG u (hash[SIG2] (n I g I g x | g y I g* 7 I P I P ' I R I R ' I B [ U) ) 
12. \ E K (Su) 

13 . \hash[AUTH] ( n | g | g^mod n | R | R ' | B | U) , U 

14. Viash [RESP] (hash [SEC] S|hash[AUTH] (n | g | g^mod n | R [ R ' |B|U) ) 

15. hash [SEC] (S | hash [AUTH] (n | g | g^mod n | R | R ' | B | U) ) 

where n\ and g are Diffie Hellman public parameters, R and R' are 
random Vumbers, P and P' are security parameters, g is a 
generator of the Diffie Hellman exchange, x and y are random 
exponentsA n is the modulus of the Diffie Hellman key exchange, B 
and U are \ the identity, of the first and second parties, SIG 
represents a signature, E k represents encryption, AUTH represents 
authentication . 



14. A method Vs claimed in claim 11, 12 or 13, wherein a first 
security method\uses the following messages : the first and second 
keys for a given function messages ; first and second random 
number messages, rirst : and second security parameter messages, a 
signature function message, one encoded user identification 
message and optiona|\Ly at least two parameters for use with a 
given function messj 

15. A method as claiVn^d in claim 11, 12, 13 or 14 wherein a 
second-, security method uses first and second random number 
messages, first and secokd security parameter messages, first and 
second keys for a given function messages, a signature function 
message and optionally first and second parameters for" use with 
the given function message) 

16. A method as claimed in\any of claims 11 to 15 wherein a 
third security method uses \first -and second random number 
messages, first and second security parameter messages, first and 
second keys for given function messages, one encoded user 
identification message, one message to and one message from a 
third party, one authentication response message and optionally 
first and second parameters for\ use with a given function 
message 



17. A method as claimed in any of claims 11 to 16 wherein said 
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ty method is a first rekeying method and comprises first 



s<ecuri 

ana second random number messages. 

18. \ A method as claimed in any of claims 11 to 17 wherein the 
security method is a second rekeying method and uses first and 
second random number messages and first and second hash function 
message 

19. A mdthod as claimed in any of claims 11 to 18 wherein the 
security method is a third rekeying method comprising first and 
second random number messages, a signature function message and 
an encoded message. 



20. A method \as claimed in any one of claims 11 to 19, wherein 
one security method is a fourth rekeying method and comprises the 
use of first anql second random number messages, one message to 
and one message \from the third party and one authentication 
response message . 

21. A method as<^clkimed in any of claims 11 to 20, wherein the 
given function is a E}if f ie-Hellman function. 

22. A method as claimed in any of claims 11 or 22, wherein at 
least one of said messages types comprises two messages, one 
message being from the f^.rst party and the other message being 
from the second party. 

23. A method as claimed in\any of claims 11 to 22, wherein the 
encoded message is used td transfer information as to the 
identity of at least one of tVe first and second parties to the 
other of the first and second parties. 



24. A method as claimed. in any claims 11 to 24, wherein at 
least one of said first and second parties is arranged to 
communicate with a trusted third party and is arranged to receive 
messages from and/or send messages Vo that trusted third party. 
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25 \ A method as claimed in any of claims 11 to 24, wherein the 
exchange of messages between the first and second parties permits 
a shared secret to be created which is used to authenticate the 
communication between the parties. 

26. A method as claimed in claim 6 or any claim when appended to 
claim 6, wherein at least one rekeying method comprises the steps 
of exchanging at least one random number between the first and 
second parcyies . 

27. A method\as claimed in claim 26, wherein at least one of the 
random numbers\ is authenticated. • £ 

28. A method as claimed in any preceding claim, wherein the 
method is used in\ a telecommunications network. 



|y ; 29. A method as cAarcLmed in claim 28, wherein at least one of 

; said first and secoiM stations comprises a mobile station. 



30. A method as claimed in claim 28 or 29, wherein at least one 
of the first and second\ stations comprises a base station. 

31. A wireless telecommunication system comprising a first 
station and a second station, wherein communication between said 
first fcnd second station is ssecured in accordance with the "method ^ 
described in any one of the preceding claims. 

32. A network element for securing communication between a first 
party and a second party comprising: 

means for defining a criteria for selecting one of a 
plurality of different security mat hods ; 

selection means for selecting one of said plurality of 
different security methods in accordance with said defined 
criteria; and 

means for ensuring that the commui^ication between said first 
and second parties is in accordance wio^i said selected security 
method. 



